<?php
require_once 'Database.php';
/*
 * a Wsse compilant authentication header.  This header has two username/password items.
 * It is possible to extend to more username/password pairs, but if that is done, 
 * the server side will have to be modified to handle it. 
 * see ServerHeaderDOMDocument.php for the parsing of this header in the SOAP Server
 */
class WsseAuthSoapHeader extends SoapHeader
{
    function __construct ($clientUsername, $clientPassword, $callerUsername, 
            $callerPassword, $ns = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd')
    {
        $db = new Database();
        $db->connect();
        
		$securityItems = array();
		$clientItems = array();
        $clientItems[] = new SoapVar($clientUsername, XSD_STRING, NULL, $ns, 'Username', $ns);
        $clientItems[] = new SoapVar($clientPassword, XSD_STRING, NULL, $ns, 'Password', $ns);
        $securityItems[] = new SoapVar($clientItems,
        		SOAP_ENC_OBJECT,NULL, $ns, 'UsernameToken',$ns);

        $callerItems = array();
        $callerItems[] = new SoapVar($callerUsername, XSD_STRING, NULL, 
                $ns, 'Username', $ns);
        $callerItems[] = new SoapVar($callerPassword, XSD_STRING, NULL, 
                $ns, 'Password', $ns);
        $securityItems[] = new SoapVar($callerItems, SOAP_ENC_OBJECT, NULL, 
                $ns, 'UsernameToken',$ns);
        
        $hash = hash('sha256',$clientUsername .  $clientPassword . $callerUsername . $callerPassword);
        $securityItems[] = new SoapVar($hash, XSD_STRING, NULL, $ns, 
                'BinarySecurityToken', $ns);
        
        $securitySV =  new SoapVar($securityItems, SOAP_ENC_OBJECT, NULL, 
                $ns, 'Security', $ns);
        $db->logEvent('SoapHeader constructor', 21, print_r($securitySV, TRUE));
        
        parent::__construct($ns, 'Security', $securitySV, FALSE);
    }
}
?>